Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A computer system comprising: one or more processors; and one or more computer-readable media having stored thereon instructions that are executable by the one or more processors to configure the computer system to provision a user account, including instructions that are executable to configure the computer system to perform at least the following: at a local entity, contact a remote identity system to begin provisioning the user account; at the local entity, automatically receive from the remote identity system a correlating factor related to a verification code which is also received from the remote identity system; at the local entity, receive profile information entered into the local entity that will be stored in the user account at the remote identity system only after the local entity has received both the correlating factor and the verification code; at the local entity, obtain the verification code corresponding to the correlating factor; and as a result of obtaining the verification code corresponding to the correlating factor, send the correlating factor, verification code, and the profile information from the local entity to the remote identity system to be used by the remote identity system to determine that the verification code correlates to the correlating factor, wherein upon determining that the verification code correlates to the correlating factor the remote identity system responsively provisioning the user account and then storing the profile information in the user account provisioned at the remote identity system.
This invention relates to a computer system for securely provisioning a user account by coordinating verification between a local entity and a remote identity system. The system addresses the problem of ensuring secure and reliable user account creation by requiring verification before profile information is stored. The system includes one or more processors and computer-readable media with executable instructions. The process begins at a local entity, which contacts a remote identity system to initiate user account provisioning. The remote identity system sends a correlating factor and a verification code to the local entity. The local entity then receives profile information entered by the user, which is stored only after both the correlating factor and verification code are received. The local entity obtains the verification code corresponding to the correlating factor, typically through user input or another verification method. Once obtained, the local entity sends the correlating factor, verification code, and profile information to the remote identity system. The remote system verifies that the verification code matches the correlating factor. If verified, the remote system provisions the user account and stores the profile information. This ensures that user account creation is secure and that profile data is only stored after successful verification.
2. The system of claim 1, wherein the correlating factor is based on a hash of the verification code.
This invention relates to a system for verifying data integrity or authenticity using a correlating factor derived from a verification code. The system addresses the challenge of securely and efficiently validating data or transactions by leveraging cryptographic techniques to ensure tamper-proof verification. The system includes a verification code generator that produces a unique verification code for a given data set or transaction. This verification code is then processed through a cryptographic hash function to generate a correlating factor. The hash function ensures that even minor changes to the input data result in a significantly different output, making it difficult to tamper with the data without detection. The correlating factor is used to verify the integrity or authenticity of the data by comparing it to a reference value. If the computed correlating factor matches the reference, the data is deemed valid. This approach enhances security by preventing unauthorized modifications and ensuring that only legitimate data is accepted. The system may be applied in various domains, such as secure communications, digital signatures, or blockchain transactions, where data integrity is critical. By using a hash-based correlating factor, the system provides a robust and efficient method for verification without exposing the original verification code, thereby maintaining confidentiality.
3. The system of claim 1, wherein the correlating factor is based on a session ID.
A system for correlating data across multiple sources uses a session identifier (ID) as a key factor to link related information. The system collects data from various sources, such as user interactions, transactions, or network events, and assigns a unique session ID to each data set. The session ID serves as a common reference point, allowing the system to group and analyze data that belongs to the same session or interaction. This correlation helps track user behavior, detect anomalies, or improve system performance by ensuring data consistency across different sources. The session ID may be generated dynamically or assigned based on predefined rules, ensuring accurate and reliable correlation. The system may also include additional features, such as data filtering, real-time processing, or integration with external databases, to enhance its functionality. By using a session ID as the correlating factor, the system provides a structured and efficient way to manage and analyze complex data sets.
4. The system of claim 1, wherein the correlating factor comprises a location where a hash of the verification code can be verified, wherein the location is a verification service.
A system for verifying digital content integrity includes a verification service that checks the authenticity of a verification code associated with the content. The verification code is hashed, and the hash is sent to the verification service for validation. The verification service acts as a trusted third-party location where the hash can be verified against a stored reference. This ensures that the content has not been tampered with and maintains its integrity. The system may also include a content provider that generates the verification code and a user device that receives the content and the verification code. The user device sends the hash of the verification code to the verification service for verification. If the verification service confirms the hash matches the stored reference, the content is deemed authentic. This system is particularly useful in scenarios where digital content must be verified for authenticity, such as in software distribution, digital signatures, or secure document transmission. The verification service provides a centralized and trusted mechanism for validating the integrity of digital content across different platforms and devices.
5. The system of claim 1, wherein contacting an identity system to begin account provisioning comprises providing an account identifier.
A system for identity management and account provisioning automates the creation and management of user accounts across multiple systems. The system addresses the inefficiency and security risks associated with manual account provisioning, which often leads to errors, delays, and unauthorized access. The system includes a central identity management module that interfaces with various identity systems to streamline account creation, updates, and deactivation. When initiating account provisioning, the system contacts an identity system and provides an account identifier to uniquely identify the user or account being provisioned. This identifier ensures accurate linking of the account to the correct user and prevents conflicts or duplicates. The system may also validate the account identifier against existing records to confirm its uniqueness before proceeding with provisioning. Additionally, the system can enforce security policies, such as password requirements or multi-factor authentication, during the provisioning process. The system further supports automated workflows for account lifecycle management, including role assignments, access permissions, and compliance checks. By centralizing identity management, the system reduces administrative overhead and enhances security by ensuring consistent and controlled account provisioning across an organization's IT infrastructure.
6. The system of claim 5, wherein the account identifier comprises an email address.
A system for managing user accounts in a digital platform includes a method for verifying and authenticating users based on an account identifier. The account identifier is an email address, which serves as a unique identifier for each user within the system. The system processes the email address to authenticate the user, ensuring secure access to the platform. The authentication process may involve verifying the email address against stored records or sending a verification link to confirm ownership. The system also supports additional security measures, such as multi-factor authentication, to enhance protection. The email address is used to link user accounts across different services or platforms, allowing seamless integration and access control. The system ensures that the email address is validated and formatted correctly before being used for authentication, reducing errors and improving reliability. This approach simplifies user management while maintaining security and usability.
7. The system of claim 5, wherein the account identifier comprises a phone number.
A system for managing user accounts in a digital platform includes a method for authenticating users based on an account identifier. The account identifier is a phone number, which is used to verify the user's identity during login or registration. The system processes the phone number to confirm its validity and associates it with a user profile. This allows users to access their accounts securely using their phone number as a unique identifier. The system may also include additional authentication steps, such as sending a verification code to the phone number or requiring biometric verification. The phone number-based authentication ensures that only authorized users can access their accounts, reducing the risk of unauthorized access. The system may also support multiple authentication methods, including password-based and token-based authentication, to enhance security. The phone number identifier simplifies the login process by eliminating the need for complex usernames or email addresses, making it more user-friendly. The system is particularly useful in mobile applications and online services where quick and secure authentication is essential.
8. The system of claim 1, wherein the correlating factor is received at the local entity automatically through a web browser and the verification code is received through an email or an SMS.
A system for secure authentication involves correlating a verification code with a correlating factor to authenticate a user. The correlating factor is automatically received at a local entity through a web browser, while the verification code is delivered to the user via email or SMS. The system includes a server that generates the verification code and sends it to the user, and a local entity that receives the correlating factor from the web browser. The server and local entity work together to verify the user by matching the received verification code with the correlating factor. This approach enhances security by using multiple communication channels and ensuring that the verification process is automated and seamless for the user. The system can be integrated into various applications requiring secure authentication, such as online banking, e-commerce, or access control systems. The use of email or SMS for delivering the verification code provides flexibility and accessibility, while the web browser-based correlating factor ensures a user-friendly experience. The system may also include additional security measures, such as encryption or multi-factor authentication, to further protect user data.
9. The system of claim 8, wherein the received verification code is input by the user into the web browser prior to submitting the correlating factor, verification code, and profile information to the verification service.
A system for user authentication and verification processes involves a web browser-based interface that interacts with a verification service. The system addresses the need for secure and efficient user verification, particularly in online environments where authentication must be both reliable and user-friendly. The system includes a web browser that receives a verification code from a user, which is then input into the browser before submitting additional data. This data includes a correlating factor, the verification code, and profile information, all of which are transmitted to a verification service for processing. The correlating factor may be a unique identifier or other data that links the user's input to their profile. The verification service evaluates the submitted information to confirm the user's identity or authorization. This approach enhances security by ensuring that the verification code is entered directly into the browser, reducing the risk of interception or tampering. The system may also include additional components, such as a user device and a network, to facilitate communication between the browser and the verification service. The overall process ensures that user authentication is streamlined while maintaining robust security measures.
10. A method of provisioning a user account: at a local entity, contact a remote identity system to begin provisioning the user account; at the local entity, based on contacting the remote identity system, automatically receive from the remote identity system a correlating factor that is related to a verification code that will be received at the local entity at a later time; at the local entity, receive profile information entered into the local entity that will be stored in the user account at the remote identity system only after the local entity has received both the correlating factor and the verification code; at the local entity, obtaining the verification code corresponding to the correlating factor; and as a result of obtaining the verification code corresponding to the correlating factor, send the correlating factor, verification code, and the profile information from the local entity to the remote identity system to be used by the remote identity system to determine that the verification code correlates to the correlating factor such that determining that the verification code correlates to the correlating factor causes the remote identity system to responsively fully provision the user account and then store the profile information in the user account provisioned at the remote identity system.
This invention relates to user account provisioning systems, specifically methods for securely creating and verifying user accounts across distributed systems. The problem addressed is ensuring secure and reliable account creation while preventing unauthorized access or fraud during the provisioning process. The method involves a local entity (e.g., an application or service) interacting with a remote identity system to create a user account. The local entity initiates the provisioning process by contacting the remote identity system, which then generates a correlating factor linked to a verification code that will be received later. The local entity collects user profile information but does not send it to the remote system until both the correlating factor and the verification code are obtained. Once the verification code is received, the local entity sends the correlating factor, verification code, and profile information to the remote system. The remote system verifies that the verification code matches the correlating factor, confirming the user's identity. If verified, the remote system fully provisions the account and stores the profile information. This approach ensures that user data is only transmitted and stored after identity verification, enhancing security and reducing the risk of fraudulent account creation. The method is particularly useful in distributed systems where account provisioning involves multiple entities.
11. The method of claim 10, wherein the correlating factor is based on a hash of the verification code.
A system and method for secure data verification involves generating a verification code for a data set, where the verification code is derived from a cryptographic hash of the data. The verification code is then correlated with the data set using a correlating factor, which is itself based on a hash of the verification code. This correlation ensures that any modification to the data set will result in a mismatch between the verification code and the correlating factor, thereby detecting tampering. The method includes steps for generating the verification code, computing the correlating factor from the hash of the verification code, and using this factor to verify the integrity of the data. The system may also include a processor and memory for storing and executing the verification steps. The approach enhances security by ensuring that the verification process is resistant to tampering, as any alteration to the data will invalidate the correlating factor derived from the verification code's hash. This method is particularly useful in applications requiring high data integrity, such as financial transactions, digital signatures, or secure communications.
12. The method of claim 10, wherein the correlating factor is based on a session ID.
A system and method for correlating data packets in a network communication session involves tracking and analyzing packet flows to improve network performance, security, or diagnostics. The method addresses the challenge of accurately identifying and grouping related data packets in a network session, which is essential for tasks such as traffic analysis, intrusion detection, and quality of service management. Traditional approaches often struggle with packet misclassification due to dynamic network conditions or lack of consistent identifiers. The method includes capturing data packets from a network, extracting metadata such as source/destination addresses, ports, and timestamps, and using this metadata to determine if packets belong to the same communication session. A key aspect is the use of a correlating factor, such as a session ID, to link packets that share the same session. The session ID ensures that packets are correctly grouped, even in high-traffic or complex network environments. The method may also involve analyzing packet sequences, detecting anomalies, or applying policies based on the correlated session data. This approach enhances accuracy in session tracking, reduces false positives in security monitoring, and improves overall network efficiency. The system can be implemented in network devices, software-based analyzers, or cloud-based monitoring platforms.
13. The method of claim 10, wherein the correlating factor comprises a location where a hash of the verification code can be verified, wherein the location is a verification service.
A system and method for verifying digital content integrity using a verification code and a correlating factor. The invention addresses the problem of ensuring the authenticity and integrity of digital content by providing a mechanism to verify its origin and detect tampering. The method involves generating a verification code for the digital content, where the verification code is derived from the content itself. A correlating factor is associated with the verification code, which includes a location where a hash of the verification code can be verified. This location is a verification service that stores or provides access to the hash of the verification code. When verifying the content, the verification code is extracted, and its hash is compared against the stored hash at the verification service. If they match, the content is verified as authentic and untampered. The verification service may be a centralized or decentralized system, such as a blockchain or a trusted third-party server. This method ensures that the digital content can be reliably verified by any party with access to the verification service, enhancing trust in digital transactions and communications.
14. The method of claim 10, wherein contacting an identity system to begin account provisioning comprises providing an account identifier.
A system and method for automated account provisioning in identity management systems addresses the inefficiency of manual account setup processes, which are time-consuming and prone to errors. The invention automates the creation and configuration of user accounts by integrating with an identity system to streamline provisioning workflows. The method involves initiating account provisioning by transmitting an account identifier to the identity system, which then processes the request to generate and configure the account. The account identifier uniquely identifies the user or entity for whom the account is being created, ensuring accurate provisioning. This approach reduces administrative overhead, minimizes human error, and accelerates the deployment of user accounts across various applications and services. The system may also include additional steps such as validating the account identifier, retrieving user attributes, and applying predefined policies to customize the account settings. By automating these steps, the invention enhances operational efficiency and scalability in identity management environments.
15. The method of claim 14, wherein the account identifier comprises an email address.
A system and method for user authentication and account management involves using an account identifier to verify and manage user access. The account identifier is a unique string that distinguishes one user account from another. In one implementation, the account identifier is an email address, which serves as a globally unique identifier for the user. The system processes the account identifier to authenticate the user, ensuring secure access to the account. The method may include receiving the account identifier from a user, validating it against stored records, and granting or denying access based on the validation. The use of an email address as the account identifier simplifies user management, as email addresses are widely used and easily recognizable. This approach enhances security by leveraging existing email verification protocols and reduces the need for additional user credentials. The system may also support other types of account identifiers, but the email address implementation provides a standardized and user-friendly solution. The method ensures that user accounts are uniquely identifiable and accessible while maintaining security and usability.
16. The method of claim 14, wherein the account identifier comprises a phone number.
A system and method for secure authentication and transaction processing involves using a user's phone number as an account identifier. The phone number is linked to a user account and serves as a unique identifier for authentication and transaction verification. The system generates a one-time passcode (OTP) or token, which is sent to the user's phone number via SMS, voice call, or a dedicated mobile application. The user enters this OTP or token into a transaction interface to authorize a financial transaction, access a secure system, or verify identity. The system validates the OTP or token against a stored value to confirm the user's identity and authorize the requested action. This method enhances security by reducing reliance on static passwords and leveraging the user's phone number as a trusted identifier. The system may also integrate with existing financial networks or payment gateways to facilitate secure transactions. The phone number-based authentication ensures that only the registered user can complete transactions, preventing unauthorized access. The method is particularly useful in mobile banking, e-commerce, and other digital services requiring secure user verification.
17. A method of provisioning a user account: at a remote identity system, receiving a request from a local entity to begin provisioning the user account to be stored at the remote identity system; in response to receiving the request, the remote identity system causing a verification code to be sent to the local entity; at the remote identity system, causing a correlating factor to be sent to the local entity, wherein the correlating factor is related to the verification code sent to the user and is sent in a different manner than the verification code; at the remote identity system, receiving from the local entity, the correlating factor, verification code, and user entered profile information; at the remote identity system, determining that the verification code properly correlates to the correlating factor; as a result of determining that the verification code properly correlates to the correlating factor, at the remote identity system, causing the user account to be fully provisioned; and based upon the user account being fully provisioned, at the remote identity system, causing the profile information to be stored in the user account at the remote identity system.
This invention relates to a method for securely provisioning a user account in a remote identity system. The method addresses the problem of ensuring that user account creation is authenticated and verified before storing sensitive profile information. The process begins when a remote identity system receives a request from a local entity to initiate user account provisioning. In response, the remote system sends a verification code to the local entity and separately transmits a correlating factor to the same entity. The correlating factor is related to the verification code but is delivered through a different communication channel. The local entity then provides the verification code, correlating factor, and user-entered profile information back to the remote system. The remote system verifies that the verification code and correlating factor properly match. If they do, the user account is fully provisioned, and the profile information is stored in the account. This dual-channel verification ensures that the account creation process is secure and that the user's identity is properly authenticated before storing personal data. The method enhances security by requiring correlation between two independently transmitted pieces of information, reducing the risk of unauthorized account creation.
18. The method of claim 17, wherein the correlating factor is based on a hash of the verification code.
A system and method for secure data verification involves generating a verification code for a data set, where the verification code is derived from a cryptographic hash of the data. The verification code is then used to correlate and authenticate the data set against a reference or stored version. In this specific implementation, the correlation factor used to match or compare the data is based on a hash of the verification code itself. This means that instead of directly comparing the original data or its verification code, the system computes a secondary hash of the verification code to establish a secure and tamper-resistant correlation. This approach enhances security by adding an additional layer of cryptographic processing, making it more difficult for unauthorized parties to manipulate or forge the verification process. The method is particularly useful in applications requiring high levels of data integrity, such as blockchain transactions, digital signatures, or secure document verification. By using a hash of the verification code as the correlating factor, the system ensures that any alteration in the original data or verification code will result in a different hash, thus detecting tampering or inconsistencies.
19. The method of claim 17, wherein the correlating factor is based on a session ID.
This invention relates to data processing systems that correlate data across multiple sources using session identifiers. The problem addressed is the difficulty of accurately linking related data transactions or interactions that occur across different systems or time periods, particularly when the data lacks direct identifiers or when systems are not synchronized. The method involves assigning a unique session identifier to a sequence of related data transactions or interactions. This session ID is used as a correlating factor to link and analyze the data, ensuring that all transactions or interactions belonging to the same session are properly grouped. The session ID can be generated by the system or derived from existing data attributes, such as timestamps or user identifiers, to maintain consistency across different data sources. The method further includes processing the data to extract relevant attributes, such as timestamps, user identifiers, or transaction details, and then applying the session ID to correlate these attributes. This allows for accurate tracking of user behavior, transaction flows, or system interactions over time, even when the data originates from disparate sources. The invention is particularly useful in applications such as fraud detection, user behavior analysis, and system performance monitoring, where accurate correlation of data is critical. By using session IDs, the method ensures that related data is properly linked, improving the reliability and accuracy of subsequent analysis.
20. The method of claim 19, wherein causing a verification code to be sent to the user and causing a correlating factor to be sent to the local entity, comprises causing a verification service separate from the remote identity system to at least: generate and store the session ID; generate and store the verification code associated with the session ID; send the verification code; generate the correlating factor; and send the correlating factor.
This invention relates to secure identity verification systems, particularly for verifying user identities in transactions involving remote and local entities. The problem addressed is ensuring secure and reliable identity verification while preventing unauthorized access or fraud in digital transactions. The system involves a verification service that operates independently from the remote identity system. This service generates and manages a session ID, which is used to track and authenticate the verification process. The verification service also generates a verification code associated with the session ID and sends it to the user. Additionally, the service creates a correlating factor, which is sent to the local entity involved in the transaction. The correlating factor allows the local entity to verify the user's identity by matching it with the verification code provided by the user. This separation of the verification service from the remote identity system enhances security by reducing the risk of unauthorized access or manipulation of the verification process. The system ensures that only the intended user can complete the transaction by requiring both the verification code and the correlating factor to be matched, thereby preventing fraudulent activities.
21. The method of claim 17, wherein the request from a local entity to begin user account provisioning for a user account comprises receiving an account identifier.
A system and method for user account provisioning in a distributed computing environment addresses the challenge of securely and efficiently creating and managing user accounts across multiple systems. The method involves receiving a request from a local entity to initiate user account provisioning for a specific user account, where the request includes an account identifier. The account identifier uniquely identifies the user account and is used to coordinate provisioning activities across different systems. The method further includes validating the request, authenticating the local entity, and generating a provisioning request that includes the account identifier and other relevant account details. This provisioning request is then transmitted to a central provisioning service, which processes the request and coordinates the creation and configuration of the user account across multiple systems. The method ensures consistency and security by verifying the authenticity of the request and the local entity before proceeding with account provisioning. The system may also include mechanisms for error handling, logging, and auditing to maintain accountability and traceability throughout the provisioning process. This approach simplifies account management in distributed environments by centralizing provisioning tasks while maintaining security and reliability.
22. The method of claim 21, wherein the account identifier comprises one or more of an email address or a phone number.
A system and method for user authentication and account management in digital platforms involves verifying user identity through account identifiers. The method addresses the challenge of securely and efficiently authenticating users across multiple services by using unique account identifiers that can be linked to a user's profile. These identifiers include email addresses or phone numbers, which serve as primary or secondary authentication factors. The system processes these identifiers to confirm user identity, enabling access to associated accounts or services. The method may also involve validating the identifiers against stored records or external databases to ensure accuracy and prevent unauthorized access. By leveraging common contact details like email or phone numbers, the system simplifies the authentication process while maintaining security. This approach reduces reliance on complex passwords and enhances user convenience without compromising account protection. The system can be integrated into various applications, including web services, mobile apps, or enterprise systems, to streamline user verification and access control. The use of email addresses or phone numbers as account identifiers ensures compatibility with existing user data and minimizes the need for additional registration steps.
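The remote-side flow of claims 17 to 19, driven by the local-entity steps of claims 1 and 10, as an added Python example that is not code from the patent or its assignee. The class and method names, the keyed-hash (HMAC) construction of the correlating factor, the ten-minute expiry and the five-attempt limit are assumptions; the in-memory `outbox` is a constructed stand-in for email or SMS delivery.

```python
import hashlib
import hmac
import secrets
import time


class RemoteIdentitySystem:
    """Remote side of the flow in claims 17-19 (hypothetical class and method names)."""

    CODE_TTL = 600      # assumed lifetime of a verification code, in seconds
    MAX_ATTEMPTS = 5    # assumed number of submissions allowed per session

    def __init__(self):
        self._key = secrets.token_bytes(32)  # server-side secret; never leaves this system
        self._pending = {}                   # session_id -> pending provisioning state
        self.accounts = {}                   # account_id -> profile, fully provisioned only
        self.outbox = []                     # constructed stand-in for email/SMS delivery

    def _factor(self, session_id, account_id, code):
        # Correlating factor "based on a hash of the verification code" and bound to
        # the session ID. Assumption: the hash is keyed (HMAC). An unkeyed hash of a
        # six-digit code could be matched against all 10**6 candidates by whoever
        # holds the factor, which would make the second channel pointless.
        msg = f"{session_id}|{account_id}|{code}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def begin(self, account_id, now=None):
        """Start provisioning: the code goes out of band, the factor goes back in band."""
        now = time.time() if now is None else now
        session_id = secrets.token_urlsafe(16)
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[session_id] = {
            "account_id": account_id, "expires": now + self.CODE_TTL, "attempts": 0}
        self.outbox.append((account_id, code))               # email or SMS to the user
        factor = self._factor(session_id, account_id, code)
        return {"session_id": session_id, "factor": factor}  # returned to the browser

    def complete(self, session_id, factor, code, profile, now=None):
        """Provision the account and store the profile only if code and factor correlate."""
        now = time.time() if now is None else now
        state = self._pending.get(session_id)
        if state is None:
            return False                                     # unknown or already used session
        state["attempts"] += 1
        if now > state["expires"] or state["attempts"] > self.MAX_ATTEMPTS:
            del self._pending[session_id]                    # expired or too many guesses
            return False
        expected = self._factor(session_id, state["account_id"], code)
        if not hmac.compare_digest(expected.encode(), str(factor).encode()):
            return False                                     # nothing is stored on mismatch
        del self._pending[session_id]                        # single use
        self.accounts[state["account_id"]] = dict(profile)   # stored only after verification
        return True


def run_demo():
    """Local-entity side of claims 1 and 10 against the remote system above."""
    remote = RemoteIdentitySystem()
    account_id = "alice@example.test"                        # constructed sample identifier
    ticket = remote.begin(account_id, now=1000.0)            # factor arrives automatically
    profile = {"display_name": "Alice"}                      # entered locally, not yet sent
    code = remote.outbox[-1][1]                              # user reads the code from email
    wrong = "000001" if code == "000000" else "000000"
    sid, factor = ticket["session_id"], ticket["factor"]
    rejected = remote.complete(sid, factor, wrong, profile, now=1001.0)
    stored_early = account_id in remote.accounts
    accepted = remote.complete(sid, factor, code, profile, now=1002.0)
    replayed = remote.complete(sid, factor, code, profile, now=1003.0)
    return {"rejected": rejected, "stored_early": stored_early,
            "accepted": accepted, "replayed": replayed,
            "stored": remote.accounts.get(account_id)}


if __name__ == "__main__":
    print(run_demo())
```
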
Unknown
January 21, 2020